Hackers breach European agency to access BioNTech, Pfizer COVID-19 vaccine files

Pfizer and BioNTech are working with the agency to roll out a vaccine.
(Getty Images)

The European Medicines Agency, which is currently helping to roll out two coronavirus vaccines, has been hit by hackers, the agency announced Wednesday.

Attackers successfully accessed “some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate” that were stored on a European Medicines Agency (EMA) server, according to a statement BioNTech released on its investors’ website.

The intruders did not breach any BioNTech or Pfizer systems, according to BioNTech’s statement. BioNTech said it is unaware if any study volunteers had been identified in the course of the attack.

A spokesperson for Moderna, another company working with the EMA on a vaccine candidate, told CyberScoop the firm had not been informed it was affected by the breach.


“We have not received notification of Moderna experiencing this specific data violation from the European Medicines Agency, but we are engaged with them and monitoring the situation,” the spokesperson said.

The EMA said it is working with law enforcement to investigate the incident further. In the interim, the timeline for the Pfizer and BioNTech vaccine’s review will not be affected, according to BioNTech.

“At this time, we await further information about EMA’s investigation and will respond appropriately and in accordance with EU law,” BioNTech said in its statement. “EMA has assured us that the cyber attack will have no impact on the timeline for its review.”

The European Union’s Public Health Committee is slated to discuss authorization of the vaccines on Thursday, according to the BBC. Canadian officials approved the BioNTech and Pfizer vaccines for distribution on Tuesday, according to the CBC. The U.K. has already begun administering vaccine doses.

Hackers have been targeting entities working on coronavirus vaccines and other coronavirus-related research for months, as nation-states and criminals alike seek to steal valuable intellectual property or undermine confidence in vaccines. The governments of the U.S., U.K. and Canada warned in July that Russian government-affiliated hackers known as APT29 or Cozy Bear have targeted entities working on COVID-19 vaccines.


U.S.-based Johnson & Johnson and Novavax have reportedly been targeted by North Korean hackers in recent months, as have South Korean-based Genexine, Shin Poong Pharmaceutical, Celltrion and U.K.-based AstraZeneca.

Neither the EMA nor BioNTech specified which hackers appeared to be behind the attack.

FBI officials have said their biggest concern is if hackers are able to pull off destructive or disruptive attacks that impact the effectiveness or safety of any vaccines

The EMA and BioNTech did not say if any disruption or destruction had taken place.

The EMA and Pfizer declined to elaborate further. BioNTech did not immediately return request for comment.

Shannon Vavra

Written by Shannon Vavra

Shannon Vavra covers the NSA, Cyber Command, espionage, and cyber-operations for CyberScoop. She previously worked at Axios as a news reporter, covering breaking political news, foreign policy, and cybersecurity. She has appeared on live national television and radio to discuss her reporting, including on MSNBC, Fox News, Fox Business, CBS, Al Jazeera, NPR, WTOP, as well as on podcasts including Motherboard’s CYBER and The CyberWire’s Caveat. Shannon hails from Chicago and received her bachelor’s degree from Tufts University.

Latest Podcasts